General
Target: 58f42737cd5cd7e59d97167d8fd69485_JaffaCakes118
Size: 70KB
Sample: 240519-g1qtaaea9z
MD5: 58f42737cd5cd7e59d97167d8fd69485
SHA1: 58d3d28728f005feebdbe8189f3ae6491c839a8a
SHA256: 0cc1b59001472b0c7b3f2c7ec319379ae3a0cf20cb6df505f5dfcb6f097ab94d
SHA512: b7b941a391c17cb7326b98e210f29256b8a43c8eeaf4c886999da95e9092debfc42a22d133f35dcf0c582be511e6cba0a733d1c066c65b4a3ae3e5cbb9df772b
SSDEEP: 1536:IptJlmrJpmxlRw99NBv+aNZOVbeqIJNa:Qte2dw99fIbl0
Behavioral task: behavioral1
Sample: 58f42737cd5cd7e59d97167d8fd69485_JaffaCakes118.doc
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 58f42737cd5cd7e59d97167d8fd69485_JaffaCakes118.doc
Resource: win10v2004-20240508-en
Malware Config
Extracted
http://alkhashen.com/Z
http://depisce.com/w9rzO0u
http://interconectiva.com.br/d3Psek
http://cmitik.ru/HkQRV7f
http://xn--b1abfba5bieepl.xn--p1ai/9D2mKlAw
Targets
Target: 58f42737cd5cd7e59d97167d8fd69485_JaffaCakes118
Score: 10/10
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.

Blocklisted process makes network request

An obfuscated cmd.exe command-line is typically used to evade detection.